1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.21 2008/05/14 11:59:20 sephe Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/firmware.h> 45 #include <sys/kernel.h> 46 #include <sys/kthread.h> 47 #include <sys/interrupt.h> 48 #include <sys/socket.h> 49 #include <sys/systm.h> 50 #include <sys/malloc.h> 51 #include <sys/module.h> 52 #include <sys/endian.h> 53 #include <sys/proc.h> 54 #include <sys/priv.h> 55 #include <sys/ucred.h> 56 #include <sys/bus.h> 57 #include <sys/rman.h> 58 #include <sys/serialize.h> 59 60 #include <bus/pci/pcidevs.h> 61 #include <bus/pci/pcireg.h> 62 #include <bus/pci/pcivar.h> 63 64 #include <net/bpf.h> 65 #include <net/if.h> 66 #include <net/if_arp.h> 67 #include <net/ethernet.h> 68 #include <net/if_dl.h> 69 #include <net/if_media.h> 70 #include <net/if_types.h> 71 #include <net/ifq_var.h> 72 73 #include <netproto/802_11/ieee80211_var.h> 74 #include <netproto/802_11/ieee80211_radiotap.h> 75 76 #include <netinet/in.h> 77 #include <netinet/in_systm.h> 78 #include <netinet/in_var.h> 79 #include <netinet/ip.h> 80 #include <netinet/if_ether.h> 81 82 #include <dev/netif/iwi/if_iwireg.h> 83 #include <dev/netif/iwi/if_iwivar.h> 84 85 #ifdef IWI_DEBUG 86 #define DPRINTF(x) do { if (iwi_debug > 0) kprintf x; } while (0) 87 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) kprintf x; } while (0) 88 int iwi_debug = 0; 89 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 90 #else 91 #define DPRINTF(x) 92 #define DPRINTFN(n, x) 93 #endif 94 95 static struct iwi_ident { 96 uint16_t vendor; 97 uint16_t device; 98 const char *name; 99 } iwi_ident_table[] = { 100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG, 101 "Intel(R) PRO/Wireless 2200BG" }, 102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG, 103 "Intel(R) PRO/Wireless 2225BG" }, 104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1, 105 "Intel(R) PRO/Wireless 2915ABG" }, 106 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2, 107 "Intel(R) PRO/Wireless 2915ABG" }, 108 { 0, 0, NULL } 109 }; 110 111 static void iwi_fw_monitor(void *); 112 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 113 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 114 int); 115 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 116 int); 117 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 118 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 119 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 120 int, bus_addr_t, bus_addr_t); 121 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 122 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 123 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 124 int); 125 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 126 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 127 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 128 static void iwi_node_free(struct ieee80211_node *); 129 static int iwi_media_change(struct ifnet *); 130 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 131 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 132 static int iwi_wme_update(struct ieee80211com *); 133 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 134 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 135 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 136 struct iwi_frame *); 137 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 138 static void iwi_rx_intr(struct iwi_softc *); 139 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 140 static void iwi_intr(void *); 141 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 142 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 143 static int iwi_tx_start(struct ifnet *, struct mbuf *, 144 struct ieee80211_node *, int); 145 static void iwi_start(struct ifnet *); 146 static void iwi_watchdog(struct ifnet *); 147 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 148 static void iwi_stop_master(struct iwi_softc *); 149 static int iwi_reset(struct iwi_softc *); 150 static int iwi_load_ucode(struct iwi_softc *, void *, int); 151 static int iwi_alloc_firmware(struct iwi_softc *, enum ieee80211_opmode); 152 static int iwi_free_firmware(struct iwi_softc *); 153 static int iwi_load_firmware(struct iwi_softc *, void *, int); 154 static int iwi_config(struct iwi_softc *); 155 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 156 static int iwi_scan(struct iwi_softc *); 157 static int iwi_auth_and_assoc(struct iwi_softc *); 158 static void iwi_init(void *); 159 static void iwi_stop(void *); 160 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 161 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 162 163 static int iwi_probe(device_t); 164 static int iwi_attach(device_t); 165 static int iwi_detach(device_t); 166 static int iwi_shutdown(device_t); 167 static int iwi_suspend(device_t); 168 static int iwi_resume(device_t); 169 170 static int iwi_alloc_ibss_node(struct iwi_softc *); 171 static void iwi_free_ibss_node(struct iwi_softc *, int); 172 173 static device_method_t iwi_methods[] = { 174 /* Device interface */ 175 DEVMETHOD(device_probe, iwi_probe), 176 DEVMETHOD(device_attach, iwi_attach), 177 DEVMETHOD(device_detach, iwi_detach), 178 DEVMETHOD(device_shutdown, iwi_shutdown), 179 DEVMETHOD(device_suspend, iwi_suspend), 180 DEVMETHOD(device_resume, iwi_resume), 181 182 { 0, 0 } 183 }; 184 185 static driver_t iwi_driver = { 186 "iwi", 187 iwi_methods, 188 sizeof (struct iwi_softc) 189 }; 190 191 static devclass_t iwi_devclass; 192 193 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 194 195 MODULE_DEPEND(iwi, pci, 1, 1, 1); 196 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 197 198 /* 199 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 200 */ 201 static const struct ieee80211_rateset iwi_rateset_11a = 202 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 203 204 static const struct ieee80211_rateset iwi_rateset_11b = 205 { 4, { 2, 4, 11, 22 } }; 206 207 static const struct ieee80211_rateset iwi_rateset_11g = 208 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 209 210 static void 211 iwi_fw_monitor(void *arg) 212 { 213 struct iwi_softc *sc = arg; 214 struct ifnet *ifp = &sc->sc_ic.ic_if; 215 216 lwkt_serialize_enter(ifp->if_serializer); 217 for (;;) { 218 int error = 0; 219 220 /* 221 * Test to see whether we are detaching, 222 * this is used to avoid race condition 223 * especially when attaching fails. 224 */ 225 if ((sc->flags & IWI_FLAG_EXIT) == 0) { 226 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc), 0); 227 lwkt_serialize_exit(ifp->if_serializer); 228 error = tsleep(IWI_FW_WAKE_MONITOR(sc), 229 PINTERLOCKED, "iwifwm", 0); 230 lwkt_serialize_enter(ifp->if_serializer); 231 } 232 233 if (error == 0) { 234 int boff; 235 236 if (sc->flags & IWI_FLAG_EXIT) 237 break; 238 else if ((sc->flags & IWI_FLAG_RESET) == 0) 239 continue; 240 241 if_printf(ifp, "reset firmware\n"); 242 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) { 243 iwi_init(sc); 244 if (sc->flags & IWI_FLAG_FW_INITED) { 245 sc->flags &= ~IWI_FLAG_RESET; 246 } else if (boff > 10) { /* XXX */ 247 if_printf(ifp, "fw reset failed. " 248 "retrying...\n"); 249 250 /* XXX avoid to sleep to long */ 251 boff = 1; 252 } 253 254 /* 255 * Since this would be infinite loop, 256 * if reseting firmware never succeeded, 257 * we test to see whether we are detaching. 258 */ 259 if (sc->flags & IWI_FLAG_EXIT) 260 break; 261 262 tsleep_interlock(IWI_FW_CMD_ACKED(sc), 0); 263 lwkt_serialize_exit(ifp->if_serializer); 264 error = tsleep(IWI_FW_CMD_ACKED(sc), 265 PINTERLOCKED, 266 "iwirun", boff * hz); 267 lwkt_serialize_enter(ifp->if_serializer); 268 } 269 } 270 } 271 lwkt_serialize_exit(ifp->if_serializer); 272 273 if_printf(ifp, "fw monitor exiting\n"); 274 wakeup(IWI_FW_EXIT_MONITOR(sc)); 275 kthread_exit(); 276 } 277 278 static int 279 iwi_probe(device_t dev) 280 { 281 const struct iwi_ident *ident; 282 uint16_t vid, did; 283 284 vid = pci_get_vendor(dev); 285 did = pci_get_device(dev); 286 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 287 if (vid == ident->vendor && did == ident->device) { 288 device_set_desc(dev, ident->name); 289 return 0; 290 } 291 } 292 return ENXIO; 293 } 294 295 /* Base Address Register */ 296 #define IWI_PCI_BAR0 0x10 297 298 static int 299 iwi_attach(device_t dev) 300 { 301 struct iwi_softc *sc = device_get_softc(dev); 302 struct ieee80211com *ic = &sc->sc_ic; 303 struct ifnet *ifp = &ic->ic_if; 304 uint16_t val; 305 int error, i; 306 307 sc->sc_dev = dev; 308 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 309 310 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 311 device_printf(dev, "chip is in D%d power mode " 312 "-- setting to D0\n", pci_get_powerstate(dev)); 313 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 314 } 315 316 pci_write_config(dev, 0x41, 0, 1); 317 318 /* enable bus-mastering */ 319 pci_enable_busmaster(dev); 320 321 sc->mem_rid = IWI_PCI_BAR0; 322 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 323 RF_ACTIVE); 324 if (sc->mem == NULL) { 325 device_printf(dev, "could not allocate memory resource\n"); 326 return ENXIO; 327 } 328 sc->sc_st = rman_get_bustag(sc->mem); 329 sc->sc_sh = rman_get_bushandle(sc->mem); 330 331 sc->irq_rid = 0; 332 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 333 RF_ACTIVE | RF_SHAREABLE); 334 if (sc->irq == NULL) { 335 device_printf(dev, "could not allocate interrupt resource\n"); 336 goto fail; 337 } 338 339 if (iwi_reset(sc) != 0) { 340 device_printf(dev, "could not reset adapter\n"); 341 goto fail; 342 } 343 344 /* 345 * Allocate rings. 346 */ 347 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 348 if (error != 0) { 349 device_printf(dev, "could not allocate Cmd ring\n"); 350 goto fail; 351 } 352 353 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 354 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 355 if (error != 0) { 356 device_printf(dev, "could not allocate Tx ring 1\n"); 357 goto fail; 358 } 359 360 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 361 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 362 if (error != 0) { 363 device_printf(dev, "could not allocate Tx ring 2\n"); 364 goto fail; 365 } 366 367 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 368 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 369 if (error != 0) { 370 device_printf(dev, "could not allocate Tx ring 3\n"); 371 goto fail; 372 } 373 374 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 375 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 376 if (error != 0) { 377 device_printf(dev, "could not allocate Tx ring 4\n"); 378 goto fail; 379 } 380 381 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 382 if (error != 0) { 383 device_printf(dev, "could not allocate Rx ring\n"); 384 goto fail; 385 } 386 387 sysctl_ctx_init(&sc->sysctl_ctx); 388 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 389 SYSCTL_STATIC_CHILDREN(_hw), 390 OID_AUTO, 391 device_get_nameunit(dev), 392 CTLFLAG_RD, 393 0, ""); 394 if (sc->sysctl_tree == NULL) { 395 device_printf(dev, "sysctl add node failed\n"); 396 error = EIO; 397 goto fail; 398 } 399 400 ifp->if_softc = sc; 401 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 402 ifp->if_init = iwi_init; 403 ifp->if_ioctl = iwi_ioctl; 404 ifp->if_start = iwi_start; 405 ifp->if_watchdog = iwi_watchdog; 406 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 407 ifq_set_ready(&ifp->if_snd); 408 409 ic->ic_wme.wme_update = iwi_wme_update; 410 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 411 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 412 ic->ic_state = IEEE80211_S_INIT; 413 414 /* set device capabilities */ 415 ic->ic_caps = 416 IEEE80211_C_IBSS | /* IBSS mode supported */ 417 IEEE80211_C_MONITOR | /* monitor mode supported */ 418 IEEE80211_C_TXPMGT | /* tx power management */ 419 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 420 IEEE80211_C_WPA | /* 802.11i */ 421 IEEE80211_C_WME; /* 802.11e */ 422 423 /* read MAC address from EEPROM */ 424 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 425 ic->ic_myaddr[0] = val & 0xff; 426 ic->ic_myaddr[1] = val >> 8; 427 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 428 ic->ic_myaddr[2] = val & 0xff; 429 ic->ic_myaddr[3] = val >> 8; 430 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 431 ic->ic_myaddr[4] = val & 0xff; 432 ic->ic_myaddr[5] = val >> 8; 433 434 if (pci_get_device(dev) >= 0x4223) { 435 /* set supported .11a rates (2915ABG only) */ 436 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 437 438 /* set supported .11a channels */ 439 for (i = 36; i <= 64; i += 4) { 440 ic->ic_channels[i].ic_freq = 441 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 442 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 443 } 444 for (i = 149; i <= 165; i += 4) { 445 ic->ic_channels[i].ic_freq = 446 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 447 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 448 } 449 } 450 451 /* set supported .11b and .11g rates */ 452 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 453 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 454 455 /* set supported .11b and .11g channels (1 through 14) */ 456 for (i = 1; i <= 14; i++) { 457 ic->ic_channels[i].ic_freq = 458 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 459 ic->ic_channels[i].ic_flags = 460 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 461 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 462 } 463 464 ieee80211_ifattach(ic); 465 /* override default methods */ 466 ic->ic_node_alloc = iwi_node_alloc; 467 sc->sc_node_free = ic->ic_node_free; 468 ic->ic_node_free = iwi_node_free; 469 /* override state transition machine */ 470 sc->sc_newstate = ic->ic_newstate; 471 ic->ic_newstate = iwi_newstate; 472 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 473 474 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 475 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 476 477 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 478 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 479 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 480 481 sc->sc_txtap_len = sizeof sc->sc_txtapu; 482 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 483 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 484 485 /* 486 * Add a few sysctl knobs. 487 */ 488 sc->dwelltime = 100; 489 sc->bluetooth = 1; 490 sc->antenna = 0; 491 492 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 493 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 494 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 495 "radio transmitter switch state (0=off, 1=on)"); 496 497 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 498 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 499 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 500 "statistics"); 501 502 SYSCTL_ADD_INT(&sc->sysctl_ctx, 503 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 504 CTLFLAG_RW, &sc->dwelltime, 0, 505 "channel dwell time (ms) for AP/station scanning"); 506 507 SYSCTL_ADD_INT(&sc->sysctl_ctx, 508 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 509 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 510 511 SYSCTL_ADD_INT(&sc->sysctl_ctx, 512 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 513 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 514 515 /* 516 * Start firmware monitoring thread 517 * 518 * NOTE: 519 * This should be done only after serializer is initialized, 520 * i.e. after ieee80211_ifattach(), because serializer will be 521 * held once iwi_fw_monitor() is entered. 522 */ 523 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor, 524 "%s:fw-monitor", device_get_nameunit(dev)); 525 if (error) { 526 device_printf(dev, "could not create fw monitor\n"); 527 goto fail1; 528 } 529 sc->flags |= IWI_FLAG_MONITOR; 530 531 /* 532 * Hook our interrupt after all initialization is complete. 533 */ 534 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 535 &sc->sc_ih, ifp->if_serializer); 536 if (error != 0) { 537 device_printf(dev, "could not set up interrupt\n"); 538 goto fail1; 539 } 540 541 ifp->if_cpuid = ithread_cpuid(rman_get_start(sc->irq)); 542 KKASSERT(ifp->if_cpuid >= 0 && ifp->if_cpuid < ncpus); 543 544 if (bootverbose) 545 ieee80211_announce(ic); 546 547 return 0; 548 549 fail1: 550 bpfdetach(ifp); 551 ieee80211_ifdetach(ic); 552 fail: 553 iwi_detach(dev); 554 return ENXIO; 555 } 556 557 static int 558 iwi_detach(device_t dev) 559 { 560 struct iwi_softc *sc = device_get_softc(dev); 561 struct ieee80211com *ic = &sc->sc_ic; 562 struct ifnet *ifp = ic->ic_ifp; 563 564 if (sc->flags & IWI_FLAG_MONITOR) { 565 lwkt_serialize_enter(ifp->if_serializer); 566 sc->flags |= IWI_FLAG_EXIT; 567 wakeup(IWI_FW_WAKE_MONITOR(sc)); 568 569 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc), 0); 570 lwkt_serialize_exit(ifp->if_serializer); 571 tsleep(IWI_FW_EXIT_MONITOR(sc), PINTERLOCKED, "iwiexi", 0); 572 /* No need to hold serializer again */ 573 574 if_printf(ifp, "fw monitor exited\n"); 575 } 576 577 if (device_is_attached(dev)) { 578 lwkt_serialize_enter(ifp->if_serializer); 579 580 iwi_stop(sc); 581 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 582 iwi_free_firmware(sc); 583 584 lwkt_serialize_exit(ifp->if_serializer); 585 586 bpfdetach(ifp); 587 ieee80211_ifdetach(ic); 588 } 589 590 iwi_free_cmd_ring(sc, &sc->cmdq); 591 iwi_free_tx_ring(sc, &sc->txq[0]); 592 iwi_free_tx_ring(sc, &sc->txq[1]); 593 iwi_free_tx_ring(sc, &sc->txq[2]); 594 iwi_free_tx_ring(sc, &sc->txq[3]); 595 iwi_free_rx_ring(sc, &sc->rxq); 596 597 if (sc->irq != NULL) 598 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 599 600 if (sc->mem != NULL) 601 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 602 603 if (sc->sysctl_tree != NULL) 604 sysctl_ctx_free(&sc->sysctl_ctx); 605 606 return 0; 607 } 608 609 static void 610 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 611 { 612 if (error != 0) 613 return; 614 615 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 616 617 *(bus_addr_t *)arg = segs[0].ds_addr; 618 } 619 620 static int 621 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 622 { 623 int error; 624 625 ring->count = count; 626 ring->queued = 0; 627 ring->cur = ring->next = 0; 628 629 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 630 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 631 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 632 if (error != 0) { 633 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 634 goto fail; 635 } 636 637 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 638 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 639 if (error != 0) { 640 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 641 goto fail; 642 } 643 644 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 645 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 646 if (error != 0) { 647 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 648 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 649 ring->desc = NULL; 650 return error; 651 } 652 653 return 0; 654 655 fail: iwi_free_cmd_ring(sc, ring); 656 return error; 657 } 658 659 static void 660 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 661 { 662 ring->queued = 0; 663 ring->cur = ring->next = 0; 664 } 665 666 static void 667 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 668 { 669 if (ring->desc != NULL) { 670 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 671 BUS_DMASYNC_POSTWRITE); 672 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 673 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 674 ring->desc = NULL; 675 } 676 677 if (ring->desc_dmat != NULL) { 678 bus_dma_tag_destroy(ring->desc_dmat); 679 ring->desc_dmat = NULL; 680 } 681 } 682 683 static int 684 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 685 bus_addr_t csr_ridx, bus_addr_t csr_widx) 686 { 687 int i, error; 688 689 ring->count = count; 690 ring->queued = 0; 691 ring->cur = ring->next = 0; 692 ring->csr_ridx = csr_ridx; 693 ring->csr_widx = csr_widx; 694 695 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 696 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 697 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 698 if (error != 0) { 699 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 700 goto fail; 701 } 702 703 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 704 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 705 if (error != 0) { 706 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 707 goto fail; 708 } 709 710 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 711 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 712 if (error != 0) { 713 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 714 715 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 716 ring->desc = NULL; 717 goto fail; 718 } 719 720 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 721 M_WAITOK | M_ZERO); 722 723 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 724 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 725 MCLBYTES, 0, &ring->data_dmat); 726 if (error != 0) { 727 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 728 goto fail; 729 } 730 731 for (i = 0; i < count; i++) { 732 error = bus_dmamap_create(ring->data_dmat, 0, 733 &ring->data[i].map); 734 if (error != 0) { 735 device_printf(sc->sc_dev, "could not create DMA map\n"); 736 goto fail; 737 } 738 } 739 740 return 0; 741 742 fail: iwi_free_tx_ring(sc, ring); 743 return error; 744 } 745 746 static void 747 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 748 { 749 struct iwi_tx_data *data; 750 int i; 751 752 for (i = 0; i < ring->count; i++) { 753 data = &ring->data[i]; 754 755 if (data->m != NULL) { 756 bus_dmamap_sync(ring->data_dmat, data->map, 757 BUS_DMASYNC_POSTWRITE); 758 bus_dmamap_unload(ring->data_dmat, data->map); 759 m_freem(data->m); 760 data->m = NULL; 761 } 762 763 if (data->ni != NULL) { 764 ieee80211_free_node(data->ni); 765 data->ni = NULL; 766 } 767 } 768 769 ring->queued = 0; 770 ring->cur = ring->next = 0; 771 } 772 773 static void 774 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 775 { 776 struct iwi_tx_data *data; 777 int i; 778 779 if (ring->desc != NULL) { 780 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 781 BUS_DMASYNC_POSTWRITE); 782 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 783 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 784 ring->desc = NULL; 785 } 786 787 if (ring->desc_dmat != NULL) { 788 bus_dma_tag_destroy(ring->desc_dmat); 789 ring->desc_dmat = NULL; 790 } 791 792 if (ring->data != NULL) { 793 for (i = 0; i < ring->count; i++) { 794 data = &ring->data[i]; 795 796 if (data->m != NULL) { 797 bus_dmamap_sync(ring->data_dmat, data->map, 798 BUS_DMASYNC_POSTWRITE); 799 bus_dmamap_unload(ring->data_dmat, data->map); 800 m_freem(data->m); 801 data->m = NULL; 802 } 803 804 if (data->ni != NULL) { 805 ieee80211_free_node(data->ni); 806 data->ni = NULL; 807 } 808 809 if (data->map != NULL) { 810 bus_dmamap_destroy(ring->data_dmat, data->map); 811 data->map = NULL; 812 } 813 } 814 815 kfree(ring->data, M_DEVBUF); 816 ring->data = NULL; 817 } 818 819 if (ring->data_dmat != NULL) { 820 bus_dma_tag_destroy(ring->data_dmat); 821 ring->data_dmat = NULL; 822 } 823 } 824 825 static int 826 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 827 { 828 struct iwi_rx_data *data; 829 int i, error; 830 831 ring->count = count; 832 ring->cur = 0; 833 834 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 835 M_WAITOK | M_ZERO); 836 837 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 838 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 839 &ring->data_dmat); 840 if (error != 0) { 841 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 842 goto fail; 843 } 844 845 for (i = 0; i < count; i++) { 846 data = &ring->data[i]; 847 848 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 849 if (error != 0) { 850 device_printf(sc->sc_dev, "could not create DMA map\n"); 851 goto fail; 852 } 853 854 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 855 if (data->m == NULL) { 856 device_printf(sc->sc_dev, 857 "could not allocate rx mbuf\n"); 858 error = ENOMEM; 859 goto fail; 860 } 861 862 error = bus_dmamap_load(ring->data_dmat, data->map, 863 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 864 &data->physaddr, 0); 865 if (error != 0) { 866 device_printf(sc->sc_dev, 867 "could not load rx buf DMA map"); 868 869 m_freem(data->m); 870 data->m = NULL; 871 goto fail; 872 } 873 874 data->reg = IWI_CSR_RX_BASE + i * 4; 875 } 876 877 return 0; 878 879 fail: iwi_free_rx_ring(sc, ring); 880 return error; 881 } 882 883 static void 884 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 885 { 886 ring->cur = 0; 887 } 888 889 static void 890 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 891 { 892 struct iwi_rx_data *data; 893 int i; 894 895 if (ring->data != NULL) { 896 for (i = 0; i < ring->count; i++) { 897 data = &ring->data[i]; 898 899 if (data->m != NULL) { 900 bus_dmamap_sync(ring->data_dmat, data->map, 901 BUS_DMASYNC_POSTREAD); 902 bus_dmamap_unload(ring->data_dmat, data->map); 903 m_freem(data->m); 904 data->m = NULL; 905 } 906 907 if (data->map != NULL) { 908 bus_dmamap_destroy(ring->data_dmat, data->map); 909 data->map = NULL; 910 } 911 } 912 913 kfree(ring->data, M_DEVBUF); 914 ring->data = NULL; 915 } 916 917 if (ring->data_dmat != NULL) { 918 bus_dma_tag_destroy(ring->data_dmat); 919 ring->data_dmat = NULL; 920 } 921 } 922 923 static int 924 iwi_shutdown(device_t dev) 925 { 926 struct iwi_softc *sc = device_get_softc(dev); 927 struct ifnet *ifp = &sc->sc_ic.ic_if; 928 929 lwkt_serialize_enter(ifp->if_serializer); 930 iwi_stop(sc); 931 lwkt_serialize_exit(ifp->if_serializer); 932 933 return 0; 934 } 935 936 static int 937 iwi_suspend(device_t dev) 938 { 939 struct iwi_softc *sc = device_get_softc(dev); 940 struct ifnet *ifp = &sc->sc_ic.ic_if; 941 942 lwkt_serialize_enter(ifp->if_serializer); 943 iwi_stop(sc); 944 lwkt_serialize_exit(ifp->if_serializer); 945 946 return 0; 947 } 948 949 static int 950 iwi_resume(device_t dev) 951 { 952 struct iwi_softc *sc = device_get_softc(dev); 953 struct ifnet *ifp = sc->sc_ic.ic_ifp; 954 955 lwkt_serialize_enter(ifp->if_serializer); 956 957 pci_write_config(dev, 0x41, 0, 1); 958 959 if (ifp->if_flags & IFF_UP) { 960 ifp->if_init(ifp->if_softc); 961 if (ifp->if_flags & IFF_RUNNING) 962 if_devstart(ifp); 963 } 964 965 lwkt_serialize_exit(ifp->if_serializer); 966 967 return 0; 968 } 969 970 static struct ieee80211_node * 971 iwi_node_alloc(struct ieee80211_node_table *nt) 972 { 973 struct iwi_node *in; 974 975 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 976 if (in == NULL) 977 return NULL; 978 979 in->in_station = -1; 980 981 return &in->in_node; 982 } 983 984 static void 985 iwi_node_free(struct ieee80211_node *ni) 986 { 987 struct ieee80211com *ic = ni->ni_ic; 988 struct iwi_softc *sc = ic->ic_ifp->if_softc; 989 struct iwi_node *in = (struct iwi_node *)ni; 990 991 if (in->in_station != -1) 992 iwi_free_ibss_node(sc, in->in_station); 993 994 sc->sc_node_free(ni); 995 } 996 997 static int 998 iwi_media_change(struct ifnet *ifp) 999 { 1000 struct iwi_softc *sc = ifp->if_softc; 1001 int error; 1002 1003 ASSERT_SERIALIZED(ifp->if_serializer); 1004 1005 error = ieee80211_media_change(ifp); 1006 if (error != ENETRESET) 1007 return error; 1008 1009 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1010 iwi_init(sc); 1011 return 0; 1012 } 1013 1014 /* 1015 * Convert h/w rate code to IEEE rate code. 1016 */ 1017 static int 1018 iwi_cvtrate(int iwirate) 1019 { 1020 switch (iwirate) { 1021 case IWI_RATE_DS1: return 2; 1022 case IWI_RATE_DS2: return 4; 1023 case IWI_RATE_DS5: return 11; 1024 case IWI_RATE_DS11: return 22; 1025 case IWI_RATE_OFDM6: return 12; 1026 case IWI_RATE_OFDM9: return 18; 1027 case IWI_RATE_OFDM12: return 24; 1028 case IWI_RATE_OFDM18: return 36; 1029 case IWI_RATE_OFDM24: return 48; 1030 case IWI_RATE_OFDM36: return 72; 1031 case IWI_RATE_OFDM48: return 96; 1032 case IWI_RATE_OFDM54: return 108; 1033 } 1034 return 0; 1035 } 1036 1037 /* 1038 * The firmware automatically adapts the transmit speed. We report its current 1039 * value here. 1040 */ 1041 static void 1042 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1043 { 1044 struct iwi_softc *sc = ifp->if_softc; 1045 struct ieee80211com *ic = &sc->sc_ic; 1046 int rate; 1047 1048 imr->ifm_status = IFM_AVALID; 1049 imr->ifm_active = IFM_IEEE80211; 1050 if (ic->ic_state == IEEE80211_S_RUN) 1051 imr->ifm_status |= IFM_ACTIVE; 1052 1053 /* read current transmission rate from adapter */ 1054 rate = iwi_cvtrate(CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE)); 1055 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 1056 1057 if (ic->ic_opmode == IEEE80211_M_IBSS) 1058 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1059 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1060 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1061 } 1062 1063 static int 1064 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1065 { 1066 struct ifnet *ifp = ic->ic_ifp; 1067 struct iwi_softc *sc = ifp->if_softc; 1068 enum ieee80211_state ostate; 1069 uint32_t tmp; 1070 1071 ostate = ic->ic_state; 1072 1073 switch (nstate) { 1074 case IEEE80211_S_SCAN: 1075 if (sc->flags & IWI_FLAG_SCANNING) 1076 break; 1077 1078 ieee80211_node_table_reset(&ic->ic_scan); 1079 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1080 sc->flags |= IWI_FLAG_SCANNING; 1081 iwi_scan(sc); 1082 break; 1083 1084 case IEEE80211_S_AUTH: 1085 iwi_auth_and_assoc(sc); 1086 break; 1087 1088 case IEEE80211_S_RUN: 1089 if (ic->ic_opmode == IEEE80211_M_IBSS) 1090 iwi_auth_and_assoc(sc); 1091 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1092 iwi_set_chan(sc, ic->ic_ibss_chan); 1093 1094 /* assoc led on */ 1095 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1096 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1097 1098 return sc->sc_newstate(ic, nstate, 1099 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1100 1101 case IEEE80211_S_ASSOC: 1102 break; 1103 1104 case IEEE80211_S_INIT: 1105 sc->flags &= ~IWI_FLAG_SCANNING; 1106 1107 if (ostate != IEEE80211_S_RUN) 1108 break; 1109 1110 /* assoc led off */ 1111 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1112 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1113 break; 1114 } 1115 1116 ic->ic_state = nstate; 1117 1118 return 0; 1119 } 1120 1121 /* 1122 * WME parameters coming from IEEE 802.11e specification. These values are 1123 * already declared in ieee80211_proto.c, but they are static so they can't 1124 * be reused here. 1125 */ 1126 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1127 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1128 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1129 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1130 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1131 }; 1132 1133 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1134 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1135 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1136 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1137 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1138 }; 1139 1140 static int 1141 iwi_wme_update(struct ieee80211com *ic) 1142 { 1143 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1144 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1145 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1146 struct iwi_wme_params wme[3]; 1147 const struct wmeParams *wmep; 1148 int ac; 1149 1150 /* 1151 * We shall not override firmware default WME values if WME is not 1152 * actually enabled. 1153 */ 1154 if (!(ic->ic_flags & IEEE80211_F_WME)) 1155 return 0; 1156 1157 for (ac = 0; ac < WME_NUM_AC; ac++) { 1158 /* set WME values for current operating mode */ 1159 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1160 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1161 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1162 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1163 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1164 wme[0].acm[ac] = wmep->wmep_acm; 1165 1166 /* set WME values for CCK modulation */ 1167 wmep = &iwi_wme_cck_params[ac]; 1168 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1169 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1170 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1171 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1172 wme[1].acm[ac] = wmep->wmep_acm; 1173 1174 /* set WME values for OFDM modulation */ 1175 wmep = &iwi_wme_ofdm_params[ac]; 1176 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1177 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1178 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1179 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1180 wme[2].acm[ac] = wmep->wmep_acm; 1181 } 1182 1183 DPRINTF(("Setting WME parameters\n")); 1184 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1185 #undef IWI_USEC 1186 #undef IWI_EXP2 1187 } 1188 1189 /* 1190 * Read 16 bits at address 'addr' from the serial EEPROM. 1191 */ 1192 static uint16_t 1193 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1194 { 1195 uint32_t tmp; 1196 uint16_t val; 1197 int n; 1198 1199 /* Clock C once before the first command */ 1200 IWI_EEPROM_CTL(sc, 0); 1201 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1202 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1203 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1204 1205 /* Write start bit (1) */ 1206 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1207 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1208 1209 /* Write READ opcode (10) */ 1210 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1211 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1212 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1213 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1214 1215 /* Write address A7-A0 */ 1216 for (n = 7; n >= 0; n--) { 1217 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1218 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1219 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1220 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1221 } 1222 1223 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1224 1225 /* Read data Q15-Q0 */ 1226 val = 0; 1227 for (n = 15; n >= 0; n--) { 1228 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1229 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1230 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1231 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1232 } 1233 1234 IWI_EEPROM_CTL(sc, 0); 1235 1236 /* Clear Chip Select and clock C */ 1237 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1238 IWI_EEPROM_CTL(sc, 0); 1239 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1240 1241 return val; 1242 } 1243 1244 /* 1245 * XXX: Hack to set the current channel to the value advertised in beacons or 1246 * probe responses. Only used during AP detection. 1247 */ 1248 static void 1249 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1250 { 1251 struct ieee80211_frame *wh; 1252 uint8_t subtype; 1253 uint8_t *frm, *efrm; 1254 1255 wh = mtod(m, struct ieee80211_frame *); 1256 1257 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1258 return; 1259 1260 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1261 1262 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1263 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1264 return; 1265 1266 frm = (uint8_t *)(wh + 1); 1267 efrm = mtod(m, uint8_t *) + m->m_len; 1268 1269 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1270 while (frm < efrm) { 1271 if (*frm == IEEE80211_ELEMID_DSPARMS) 1272 #if IEEE80211_CHAN_MAX < 255 1273 if (frm[2] <= IEEE80211_CHAN_MAX) 1274 #endif 1275 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1276 1277 frm += frm[1] + 2; 1278 } 1279 } 1280 1281 static void 1282 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1283 struct iwi_frame *frame) 1284 { 1285 struct ieee80211com *ic = &sc->sc_ic; 1286 struct ifnet *ifp = ic->ic_ifp; 1287 struct mbuf *mnew, *m; 1288 struct ieee80211_frame *wh; 1289 struct ieee80211_node *ni; 1290 int error; 1291 1292 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1293 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1294 1295 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1296 return; 1297 1298 /* 1299 * Try to allocate a new mbuf for this ring element and load it before 1300 * processing the current mbuf. If the ring element cannot be loaded, 1301 * drop the received packet and reuse the old mbuf. In the unlikely 1302 * case that the old mbuf can't be reloaded either, explicitly panic. 1303 */ 1304 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1305 if (mnew == NULL) { 1306 ifp->if_ierrors++; 1307 return; 1308 } 1309 1310 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1311 1312 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1313 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1314 0); 1315 if (error != 0) { 1316 m_freem(mnew); 1317 1318 /* try to reload the old mbuf */ 1319 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1320 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1321 &data->physaddr, 0); 1322 if (error != 0) { 1323 /* very unlikely that it will fail... */ 1324 panic("%s: could not load old rx mbuf", 1325 device_get_name(sc->sc_dev)); 1326 } 1327 ifp->if_ierrors++; 1328 return; 1329 } 1330 1331 /* 1332 * New mbuf successfully loaded, update Rx ring and continue 1333 * processing. 1334 */ 1335 m = data->m; 1336 data->m = mnew; 1337 CSR_WRITE_4(sc, data->reg, data->physaddr); 1338 1339 /* Finalize mbuf */ 1340 m->m_pkthdr.rcvif = ifp; 1341 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1342 sizeof (struct iwi_frame) + le16toh(frame->len); 1343 1344 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1345 1346 if (ic->ic_state == IEEE80211_S_SCAN) 1347 iwi_fix_channel(ic, m); 1348 1349 if (sc->sc_drvbpf != NULL) { 1350 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1351 1352 tap->wr_flags = 0; 1353 tap->wr_rate = frame->rate; 1354 tap->wr_chan_freq = 1355 htole16(ic->ic_channels[frame->chan].ic_freq); 1356 tap->wr_chan_flags = 1357 htole16(ic->ic_channels[frame->chan].ic_flags); 1358 tap->wr_antsignal = frame->signal; 1359 tap->wr_antenna = frame->antenna; 1360 1361 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1362 } 1363 1364 wh = mtod(m, struct ieee80211_frame *); 1365 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1366 1367 /* send the frame to the 802.11 layer */ 1368 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1369 1370 /* node is no longer needed */ 1371 ieee80211_free_node(ni); 1372 } 1373 1374 static void 1375 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1376 { 1377 struct ieee80211com *ic = &sc->sc_ic; 1378 struct iwi_notif_scan_channel *chan; 1379 struct iwi_notif_scan_complete *scan; 1380 struct iwi_notif_authentication *auth; 1381 struct iwi_notif_association *assoc; 1382 1383 switch (notif->type) { 1384 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1385 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1386 1387 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1388 break; 1389 1390 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1391 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1392 1393 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1394 scan->status)); 1395 1396 /* monitor mode uses scan to set the channel ... */ 1397 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1398 sc->flags &= ~IWI_FLAG_SCANNING; 1399 ieee80211_end_scan(ic); 1400 } else 1401 iwi_set_chan(sc, ic->ic_ibss_chan); 1402 break; 1403 1404 case IWI_NOTIF_TYPE_AUTHENTICATION: 1405 auth = (struct iwi_notif_authentication *)(notif + 1); 1406 1407 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1408 1409 switch (auth->state) { 1410 case IWI_AUTHENTICATED: 1411 ieee80211_node_authorize(ic->ic_bss); 1412 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1413 break; 1414 1415 case IWI_DEAUTHENTICATED: 1416 break; 1417 1418 default: 1419 device_printf(sc->sc_dev, 1420 "unknown authentication state %u\n", auth->state); 1421 } 1422 break; 1423 1424 case IWI_NOTIF_TYPE_ASSOCIATION: 1425 assoc = (struct iwi_notif_association *)(notif + 1); 1426 1427 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1428 assoc->status)); 1429 1430 switch (assoc->state) { 1431 case IWI_AUTHENTICATED: 1432 /* re-association, do nothing */ 1433 break; 1434 1435 case IWI_ASSOCIATED: 1436 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1437 break; 1438 1439 case IWI_DEASSOCIATED: 1440 ieee80211_begin_scan(ic, 1); 1441 break; 1442 1443 default: 1444 device_printf(sc->sc_dev, 1445 "unknown association state %u\n", assoc->state); 1446 } 1447 break; 1448 1449 default: 1450 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1451 } 1452 } 1453 1454 static void 1455 iwi_rx_intr(struct iwi_softc *sc) 1456 { 1457 struct iwi_rx_data *data; 1458 struct iwi_hdr *hdr; 1459 uint32_t hw; 1460 1461 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1462 1463 for (; sc->rxq.cur != hw;) { 1464 data = &sc->rxq.data[sc->rxq.cur]; 1465 1466 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1467 BUS_DMASYNC_POSTREAD); 1468 1469 hdr = mtod(data->m, struct iwi_hdr *); 1470 1471 switch (hdr->type) { 1472 case IWI_HDR_TYPE_FRAME: 1473 iwi_frame_intr(sc, data, sc->rxq.cur, 1474 (struct iwi_frame *)(hdr + 1)); 1475 break; 1476 1477 case IWI_HDR_TYPE_NOTIF: 1478 iwi_notification_intr(sc, 1479 (struct iwi_notif *)(hdr + 1)); 1480 break; 1481 1482 default: 1483 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1484 hdr->type); 1485 } 1486 1487 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1488 1489 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1490 } 1491 1492 /* Tell the firmware what we have processed */ 1493 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1494 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1495 } 1496 1497 static void 1498 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1499 { 1500 struct ieee80211com *ic = &sc->sc_ic; 1501 struct ifnet *ifp = ic->ic_ifp; 1502 struct iwi_tx_data *data; 1503 uint32_t hw; 1504 1505 hw = CSR_READ_4(sc, txq->csr_ridx); 1506 1507 for (; txq->next != hw;) { 1508 data = &txq->data[txq->next]; 1509 1510 bus_dmamap_sync(txq->data_dmat, data->map, 1511 BUS_DMASYNC_POSTWRITE); 1512 bus_dmamap_unload(txq->data_dmat, data->map); 1513 m_freem(data->m); 1514 data->m = NULL; 1515 ieee80211_free_node(data->ni); 1516 data->ni = NULL; 1517 1518 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1519 1520 ifp->if_opackets++; 1521 1522 txq->queued--; 1523 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1524 } 1525 1526 sc->sc_tx_timer = 0; 1527 ifp->if_flags &= ~IFF_OACTIVE; 1528 if_devstart(ifp); 1529 } 1530 1531 static void 1532 iwi_intr(void *arg) 1533 { 1534 struct iwi_softc *sc = arg; 1535 uint32_t r; 1536 1537 r = CSR_READ_4(sc, IWI_CSR_INTR); 1538 if (r == 0 || r == 0xffffffff) 1539 return; 1540 1541 /* disable interrupts */ 1542 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1543 1544 if (r & IWI_INTR_FATAL_ERROR) { 1545 device_printf(sc->sc_dev, "fatal error\n"); 1546 1547 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) { 1548 sc->flags |= IWI_FLAG_RESET; 1549 device_printf(sc->sc_dev, "wake firmware monitor\n"); 1550 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1551 } 1552 } 1553 1554 if (r & IWI_INTR_PARITY_ERROR) { 1555 device_printf(sc->sc_dev, "parity error\n"); 1556 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1557 iwi_stop(sc); 1558 } 1559 1560 if (r & IWI_INTR_FW_INITED) { 1561 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1562 wakeup(IWI_FW_INITIALIZED(sc)); 1563 } 1564 1565 if (r & IWI_INTR_RADIO_OFF) { 1566 DPRINTF(("radio transmitter turned off\n")); 1567 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1568 iwi_stop(sc); 1569 } 1570 1571 if (r & IWI_INTR_CMD_DONE) 1572 wakeup(IWI_FW_CMD_ACKED(sc)); 1573 1574 if (r & IWI_INTR_TX1_DONE) 1575 iwi_tx_intr(sc, &sc->txq[0]); 1576 1577 if (r & IWI_INTR_TX2_DONE) 1578 iwi_tx_intr(sc, &sc->txq[1]); 1579 1580 if (r & IWI_INTR_TX3_DONE) 1581 iwi_tx_intr(sc, &sc->txq[2]); 1582 1583 if (r & IWI_INTR_TX4_DONE) 1584 iwi_tx_intr(sc, &sc->txq[3]); 1585 1586 if (r & IWI_INTR_RX_DONE) 1587 iwi_rx_intr(sc); 1588 1589 /* acknowledge interrupts */ 1590 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1591 1592 /* re-enable interrupts */ 1593 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1594 } 1595 1596 static int 1597 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1598 { 1599 struct iwi_cmd_desc *desc; 1600 struct ifnet *ifp = &sc->sc_ic.ic_if; 1601 int ret; 1602 1603 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1604 1605 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1606 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1607 desc->type = type; 1608 desc->len = len; 1609 memcpy(desc->data, data, len); 1610 1611 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1612 BUS_DMASYNC_PREWRITE); 1613 1614 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1615 type, len)); 1616 1617 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1618 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1619 1620 if (!async) { 1621 ASSERT_SERIALIZED(ifp->if_serializer); 1622 1623 tsleep_interlock(IWI_FW_CMD_ACKED(sc), 0); 1624 lwkt_serialize_exit(ifp->if_serializer); 1625 ret = tsleep(IWI_FW_CMD_ACKED(sc), PINTERLOCKED, "iwicmd", hz); 1626 lwkt_serialize_enter(ifp->if_serializer); 1627 } else { 1628 ret = 0; 1629 } 1630 1631 return ret; 1632 } 1633 1634 static void 1635 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1636 { 1637 struct iwi_ibssnode node; 1638 1639 /* write node information into NIC memory */ 1640 memset(&node, 0, sizeof node); 1641 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1642 1643 CSR_WRITE_REGION_1(sc, 1644 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1645 (uint8_t *)&node, sizeof node); 1646 } 1647 1648 struct iwi_dma_mapping { 1649 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1650 int nseg; 1651 bus_size_t mapsize; 1652 }; 1653 1654 static void 1655 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1656 bus_size_t mapsize, int error) 1657 { 1658 struct iwi_dma_mapping *map = arg; 1659 1660 if (error != 0) 1661 return; 1662 1663 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1664 1665 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1666 map->nseg = nseg; 1667 map->mapsize = mapsize; 1668 } 1669 1670 static int 1671 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1672 int ac) 1673 { 1674 struct iwi_softc *sc = ifp->if_softc; 1675 struct ieee80211com *ic = &sc->sc_ic; 1676 struct iwi_node *in = (struct iwi_node *)ni; 1677 struct ieee80211_frame *wh; 1678 struct ieee80211_key *k; 1679 const struct chanAccParams *cap; 1680 struct iwi_tx_ring *txq = &sc->txq[ac]; 1681 struct iwi_tx_data *data; 1682 struct iwi_tx_desc *desc; 1683 struct mbuf *mnew; 1684 struct iwi_dma_mapping map; 1685 int error, hdrlen, i, noack = 0; 1686 1687 wh = mtod(m0, struct ieee80211_frame *); 1688 1689 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1690 hdrlen = sizeof (struct ieee80211_qosframe); 1691 cap = &ic->ic_wme.wme_chanParams; 1692 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1693 } else 1694 hdrlen = sizeof (struct ieee80211_frame); 1695 1696 /* 1697 * This is only used in IBSS mode where the firmware expect an index 1698 * in a h/w table instead of a destination address. 1699 */ 1700 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1701 in->in_station = iwi_alloc_ibss_node(sc); 1702 if (in->in_station == -1) { /* h/w table is full */ 1703 m_freem(m0); 1704 ieee80211_free_node(ni); 1705 ifp->if_oerrors++; 1706 if_printf(ifp, "ibss table is full\n"); 1707 return 0; 1708 } 1709 iwi_write_ibssnode(sc, in); 1710 } 1711 1712 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1713 k = ieee80211_crypto_encap(ic, ni, m0); 1714 if (k == NULL) { 1715 m_freem(m0); 1716 return ENOBUFS; 1717 } 1718 1719 /* packet header may have moved, reset our local pointer */ 1720 wh = mtod(m0, struct ieee80211_frame *); 1721 } 1722 1723 if (sc->sc_drvbpf != NULL) { 1724 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1725 1726 tap->wt_flags = 0; 1727 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1728 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1729 1730 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1731 } 1732 1733 data = &txq->data[txq->cur]; 1734 desc = &txq->desc[txq->cur]; 1735 1736 /* save and trim IEEE802.11 header */ 1737 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1738 m_adj(m0, hdrlen); 1739 1740 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1741 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1742 if (error != 0 && error != EFBIG) { 1743 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1744 error); 1745 m_freem(m0); 1746 return error; 1747 } 1748 if (error != 0) { 1749 mnew = m_defrag(m0, MB_DONTWAIT); 1750 if (mnew == NULL) { 1751 device_printf(sc->sc_dev, 1752 "could not defragment mbuf\n"); 1753 m_freem(m0); 1754 return ENOBUFS; 1755 } 1756 m0 = mnew; 1757 1758 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1759 iwi_dma_map_mbuf, &map, 1760 BUS_DMA_NOWAIT); 1761 if (error != 0) { 1762 device_printf(sc->sc_dev, 1763 "could not map mbuf (error %d)\n", error); 1764 m_freem(m0); 1765 return error; 1766 } 1767 } 1768 1769 data->m = m0; 1770 data->ni = ni; 1771 1772 desc->hdr.type = IWI_HDR_TYPE_DATA; 1773 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1774 desc->station = 1775 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1776 desc->cmd = IWI_DATA_CMD_TX; 1777 desc->len = htole16(m0->m_pkthdr.len); 1778 desc->flags = 0; 1779 desc->xflags = 0; 1780 1781 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1782 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1783 1784 #if 0 1785 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1786 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1787 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1788 } else 1789 #endif 1790 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1791 1792 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1793 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1794 1795 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1796 desc->xflags |= IWI_DATA_XFLAG_QOS; 1797 1798 desc->nseg = htole32(map.nseg); 1799 for (i = 0; i < map.nseg; i++) { 1800 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1801 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1802 } 1803 1804 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1805 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1806 1807 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1808 ac, txq->cur, le16toh(desc->len), map.nseg)); 1809 1810 txq->queued++; 1811 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1812 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1813 1814 return 0; 1815 } 1816 1817 static void 1818 iwi_start(struct ifnet *ifp) 1819 { 1820 struct iwi_softc *sc = ifp->if_softc; 1821 struct ieee80211com *ic = &sc->sc_ic; 1822 struct mbuf *m0; 1823 struct ether_header *eh; 1824 struct ieee80211_node *ni; 1825 int ac; 1826 1827 ieee80211_drain_mgtq(&ic->ic_mgtq); 1828 if (ic->ic_state != IEEE80211_S_RUN) { 1829 ifq_purge(&ifp->if_snd); 1830 return; 1831 } 1832 1833 for (;;) { 1834 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1835 if (m0 == NULL) 1836 break; 1837 1838 if (m0->m_len < sizeof (struct ether_header) && 1839 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1840 ifp->if_oerrors++; 1841 continue; 1842 } 1843 eh = mtod(m0, struct ether_header *); 1844 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1845 if (ni == NULL) { 1846 m_freem(m0); 1847 ifp->if_oerrors++; 1848 continue; 1849 } 1850 1851 /* classify mbuf so we can find which tx ring to use */ 1852 if (ieee80211_classify(ic, m0, ni) != 0) { 1853 m_freem(m0); 1854 ieee80211_free_node(ni); 1855 ifp->if_oerrors++; 1856 continue; 1857 } 1858 1859 /* no QoS encapsulation for EAPOL frames */ 1860 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1861 M_WME_GETAC(m0) : WME_AC_BE; 1862 1863 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1864 /* there is no place left in this ring */ 1865 m_freem(m0); 1866 ieee80211_free_node(ni); 1867 ifp->if_flags |= IFF_OACTIVE; 1868 break; 1869 } 1870 1871 BPF_MTAP(ifp, m0); 1872 1873 m0 = ieee80211_encap(ic, m0, ni); 1874 if (m0 == NULL) { 1875 ieee80211_free_node(ni); 1876 ifp->if_oerrors++; 1877 continue; 1878 } 1879 1880 if (ic->ic_rawbpf != NULL) 1881 bpf_mtap(ic->ic_rawbpf, m0); 1882 1883 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1884 ieee80211_free_node(ni); 1885 ifp->if_oerrors++; 1886 break; 1887 } 1888 1889 sc->sc_tx_timer = 5; 1890 ifp->if_timer = 1; 1891 } 1892 } 1893 1894 static void 1895 iwi_watchdog(struct ifnet *ifp) 1896 { 1897 struct iwi_softc *sc = ifp->if_softc; 1898 struct ieee80211com *ic = &sc->sc_ic; 1899 1900 ifp->if_timer = 0; 1901 1902 if (sc->sc_tx_timer > 0) { 1903 if (--sc->sc_tx_timer == 0) { 1904 if_printf(ifp, "device timeout\n"); 1905 ifp->if_oerrors++; 1906 sc->flags |= IWI_FLAG_RESET; 1907 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1908 return; 1909 } 1910 ifp->if_timer = 1; 1911 } 1912 1913 ieee80211_watchdog(ic); 1914 } 1915 1916 static int 1917 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1918 { 1919 struct iwi_softc *sc = ifp->if_softc; 1920 struct ieee80211com *ic = &sc->sc_ic; 1921 int error = 0; 1922 1923 switch (cmd) { 1924 case SIOCSIFFLAGS: 1925 if (ifp->if_flags & IFF_UP) { 1926 if (!(ifp->if_flags & IFF_RUNNING)) 1927 iwi_init(sc); 1928 } else { 1929 if (ifp->if_flags & IFF_RUNNING) 1930 iwi_stop(sc); 1931 } 1932 break; 1933 1934 default: 1935 error = ieee80211_ioctl(ic, cmd, data, cr); 1936 } 1937 1938 if (error == ENETRESET) { 1939 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1940 (IFF_UP | IFF_RUNNING) && 1941 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1942 iwi_init(sc); 1943 error = 0; 1944 } 1945 1946 return error; 1947 } 1948 1949 static void 1950 iwi_stop_master(struct iwi_softc *sc) 1951 { 1952 uint32_t tmp; 1953 int ntries; 1954 1955 /* disable interrupts */ 1956 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1957 1958 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1959 for (ntries = 0; ntries < 5; ntries++) { 1960 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1961 break; 1962 DELAY(10); 1963 } 1964 if (ntries == 5) 1965 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 1966 1967 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1968 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 1969 1970 sc->flags &= ~IWI_FLAG_FW_INITED; 1971 } 1972 1973 static int 1974 iwi_reset(struct iwi_softc *sc) 1975 { 1976 uint32_t tmp; 1977 int i, ntries; 1978 1979 iwi_stop_master(sc); 1980 1981 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 1982 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 1983 1984 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 1985 1986 /* Wait for clock stabilization */ 1987 for (ntries = 0; ntries < 1000; ntries++) { 1988 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 1989 break; 1990 DELAY(200); 1991 } 1992 if (ntries == 1000) { 1993 if_printf(&sc->sc_ic.ic_if, 1994 "timeout waiting for clock stabilization\n"); 1995 return EIO; 1996 } 1997 1998 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1999 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2000 2001 DELAY(10); 2002 2003 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2004 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2005 2006 /* Clear NIC memory */ 2007 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2008 for (i = 0; i < 0xc000; i++) 2009 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2010 2011 return 0; 2012 } 2013 2014 static int 2015 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2016 { 2017 uint32_t tmp; 2018 uint16_t *w; 2019 int ntries, i; 2020 2021 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2022 IWI_RST_STOP_MASTER); 2023 for (ntries = 0; ntries < 5; ntries++) { 2024 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2025 break; 2026 DELAY(10); 2027 } 2028 if (ntries == 5) { 2029 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2030 return EIO; 2031 } 2032 2033 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2034 DELAY(5000); 2035 2036 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2037 tmp &= ~IWI_RST_PRINCETON_RESET; 2038 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2039 2040 DELAY(5000); 2041 MEM_WRITE_4(sc, 0x3000e0, 0); 2042 DELAY(1000); 2043 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 2044 DELAY(1000); 2045 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 2046 DELAY(1000); 2047 MEM_WRITE_1(sc, 0x200000, 0x00); 2048 MEM_WRITE_1(sc, 0x200000, 0x40); 2049 DELAY(1000); 2050 2051 /* write microcode into adapter memory */ 2052 for (w = uc; size > 0; w++, size -= 2) 2053 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2054 2055 MEM_WRITE_1(sc, 0x200000, 0x00); 2056 MEM_WRITE_1(sc, 0x200000, 0x80); 2057 2058 /* wait until we get an answer */ 2059 for (ntries = 0; ntries < 100; ntries++) { 2060 if (MEM_READ_1(sc, 0x200000) & 1) 2061 break; 2062 DELAY(100); 2063 } 2064 if (ntries == 100) { 2065 device_printf(sc->sc_dev, 2066 "timeout waiting for ucode to initialize\n"); 2067 return EIO; 2068 } 2069 2070 /* read the answer or the firmware will not initialize properly */ 2071 for (i = 0; i < 7; i++) 2072 MEM_READ_4(sc, 0x200004); 2073 2074 MEM_WRITE_1(sc, 0x200000, 0x00); 2075 2076 return 0; 2077 } 2078 2079 static int 2080 iwi_alloc_firmware(struct iwi_softc *sc, enum ieee80211_opmode opmode) 2081 { 2082 struct { 2083 const char *suffix; 2084 enum ieee80211_opmode opmode; 2085 } fw_arr[] = { 2086 { "bss", IEEE80211_M_STA }, 2087 { "ibss", IEEE80211_M_IBSS}, 2088 { "sniffer", IEEE80211_M_MONITOR}, 2089 { NULL, 0 } 2090 }; 2091 struct ifnet *ifp = &sc->sc_ic.ic_if; 2092 struct iwi_firmware_hdr *hdr; 2093 struct iwi_firmware *fw = &sc->fw; 2094 struct fw_image *image; 2095 char filename[128]; 2096 int i, error, length_sum; 2097 2098 for (i = 0; fw_arr[i].suffix != NULL; ++i) { 2099 if (fw_arr[i].opmode == opmode) 2100 break; 2101 } 2102 2103 KASSERT(fw_arr[i].suffix != NULL, ("unsupported opmode %u\n", opmode)); 2104 2105 ksnprintf(filename, sizeof(filename), IWI_FW_PATH, fw_arr[i].suffix); 2106 2107 /* 2108 * Release the serializer to avoid possible dead lock 2109 */ 2110 lwkt_serialize_exit(ifp->if_serializer); 2111 image = firmware_image_load(filename, NULL); 2112 lwkt_serialize_enter(ifp->if_serializer); 2113 2114 if (image == NULL) 2115 return ENOENT; 2116 fw->fw_image = image; 2117 2118 /* 2119 * Verify the image 2120 */ 2121 error = EINVAL; 2122 2123 if (fw->fw_image->fw_imglen < sizeof(struct iwi_firmware_hdr)) { 2124 if_printf(ifp, "%s firmware too short", image->fw_name); 2125 goto back; 2126 } 2127 2128 hdr = (struct iwi_firmware_hdr *)image->fw_image; 2129 if (hdr->vermaj != 3) { 2130 if_printf(ifp, "%s unsupported firmware version %d.%d\n", 2131 image->fw_name, hdr->vermaj, hdr->vermin); 2132 goto back; 2133 } 2134 2135 length_sum = le32toh(hdr->bsize) + le32toh(hdr->usize) + le32toh(hdr->fsize); 2136 if (length_sum + sizeof(*hdr) != image->fw_imglen) { 2137 if_printf(ifp, "%s size mismatch, %u/hdr %u\n", image->fw_name, 2138 fw->fw_image->fw_imglen, length_sum + sizeof(*hdr)); 2139 goto back; 2140 } 2141 2142 fw->boot = (uint8_t *)(hdr + 1); 2143 fw->boot_size = le32toh(hdr->bsize); 2144 fw->ucode = fw->boot + fw->boot_size; 2145 fw->ucode_size = le32toh(hdr->usize); 2146 fw->main = fw->ucode + fw->ucode_size; 2147 fw->main_size = le32toh(hdr->fsize); 2148 2149 error = 0; 2150 2151 back: 2152 if (error) { 2153 firmware_image_unload(fw->fw_image); 2154 bzero(fw, sizeof(*fw)); 2155 } 2156 return error; 2157 } 2158 2159 static int 2160 iwi_free_firmware(struct iwi_softc *sc) 2161 { 2162 if (sc->fw.fw_image != NULL) 2163 firmware_image_unload(sc->fw.fw_image); 2164 return 0; 2165 } 2166 2167 /* macro to handle unaligned little endian data in firmware image */ 2168 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2169 2170 static int 2171 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2172 { 2173 bus_dma_tag_t dmat; 2174 bus_dmamap_t map; 2175 bus_addr_t physaddr; 2176 void *virtaddr; 2177 u_char *p, *end; 2178 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2179 int ntries, error = 0; 2180 struct ifnet *ifp = &sc->sc_ic.ic_if; 2181 2182 ASSERT_SERIALIZED(ifp->if_serializer); 2183 2184 /* Allocate DMA memory for mapping firmware image */ 2185 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2186 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2187 if (error != 0) { 2188 device_printf(sc->sc_dev, 2189 "could not create firmware DMA tag\n"); 2190 goto fail1; 2191 } 2192 2193 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2194 if (error != 0) { 2195 device_printf(sc->sc_dev, 2196 "could not allocate firmware DMA memory\n"); 2197 goto fail2; 2198 } 2199 2200 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2201 &physaddr, 0); 2202 if (error != 0) { 2203 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2204 goto fail3; 2205 } 2206 2207 /* Copy firmware image to DMA memory */ 2208 memcpy(virtaddr, fw, size); 2209 2210 /* Make sure the adapter will get up-to-date values */ 2211 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2212 2213 /* Tell the adapter where the command blocks are stored */ 2214 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2215 2216 /* 2217 * Store command blocks into adapter's internal memory using register 2218 * indirections. The adapter will read the firmware image through DMA 2219 * using information stored in command blocks. 2220 */ 2221 src = physaddr; 2222 p = virtaddr; 2223 end = p + size; 2224 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2225 2226 while (p < end) { 2227 dst = GETLE32(p); p += 4; src += 4; 2228 len = GETLE32(p); p += 4; src += 4; 2229 p += len; 2230 2231 while (len > 0) { 2232 mlen = min(len, IWI_CB_MAXDATALEN); 2233 2234 ctl = IWI_CB_DEFAULT_CTL | mlen; 2235 sum = ctl ^ src ^ dst; 2236 2237 /* Write a command block */ 2238 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2239 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2240 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2241 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2242 2243 src += mlen; 2244 dst += mlen; 2245 len -= mlen; 2246 } 2247 } 2248 2249 /* Write a fictive final command block (sentinel) */ 2250 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2251 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2252 2253 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2254 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2255 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2256 2257 /* Tell the adapter to start processing command blocks */ 2258 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2259 2260 /* Wait until the adapter reaches the sentinel */ 2261 for (ntries = 0; ntries < 400; ntries++) { 2262 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2263 break; 2264 DELAY(100); 2265 } 2266 if (ntries == 400) { 2267 device_printf(sc->sc_dev, 2268 "timeout processing command blocks\n"); 2269 error = EIO; 2270 goto fail4; 2271 } 2272 2273 /* We're done with command blocks processing */ 2274 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2275 2276 /* Allow interrupts so we know when the firmware is ready */ 2277 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2278 2279 /* Tell the adapter to initialize the firmware */ 2280 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2281 2282 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2283 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2284 2285 /* wait at most one second for firmware initialization to complete */ 2286 tsleep_interlock(IWI_FW_INITIALIZED(sc), 0); 2287 lwkt_serialize_exit(ifp->if_serializer); 2288 error = tsleep(IWI_FW_INITIALIZED(sc), PINTERLOCKED, "iwiinit", hz); 2289 lwkt_serialize_enter(ifp->if_serializer); 2290 if (error != 0) { 2291 device_printf(sc->sc_dev, "timeout waiting for firmware " 2292 "initialization to complete\n"); 2293 goto fail4; 2294 } 2295 2296 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2297 bus_dmamap_unload(dmat, map); 2298 fail3: bus_dmamem_free(dmat, virtaddr, map); 2299 fail2: bus_dma_tag_destroy(dmat); 2300 fail1: 2301 return error; 2302 } 2303 2304 static int 2305 iwi_config(struct iwi_softc *sc) 2306 { 2307 struct ieee80211com *ic = &sc->sc_ic; 2308 struct ifnet *ifp = ic->ic_ifp; 2309 struct iwi_configuration config; 2310 struct iwi_rateset rs; 2311 struct iwi_txpower power; 2312 struct ieee80211_key *wk; 2313 struct iwi_wep_key wepkey; 2314 uint32_t data; 2315 int error, i; 2316 2317 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2318 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2319 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2320 IEEE80211_ADDR_LEN, 0); 2321 if (error != 0) 2322 return error; 2323 2324 memset(&config, 0, sizeof config); 2325 config.bluetooth_coexistence = sc->bluetooth; 2326 config.antenna = sc->antenna; 2327 config.multicast_enabled = 1; 2328 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2329 config.disable_unicast_decryption = 1; 2330 config.disable_multicast_decryption = 1; 2331 DPRINTF(("Configuring adapter\n")); 2332 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2333 if (error != 0) 2334 return error; 2335 2336 data = htole32(IWI_POWER_MODE_CAM); 2337 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2338 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2339 if (error != 0) 2340 return error; 2341 2342 data = htole32(ic->ic_rtsthreshold); 2343 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2344 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2345 if (error != 0) 2346 return error; 2347 2348 data = htole32(ic->ic_fragthreshold); 2349 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2350 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2351 if (error != 0) 2352 return error; 2353 2354 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2355 power.mode = IWI_MODE_11B; 2356 power.nchan = 11; 2357 for (i = 0; i < 11; i++) { 2358 power.chan[i].chan = i + 1; 2359 power.chan[i].power = IWI_TXPOWER_MAX; 2360 } 2361 DPRINTF(("Setting .11b channels tx power\n")); 2362 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2363 0); 2364 if (error != 0) 2365 return error; 2366 2367 power.mode = IWI_MODE_11G; 2368 DPRINTF(("Setting .11g channels tx power\n")); 2369 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2370 0); 2371 if (error != 0) 2372 return error; 2373 } 2374 2375 rs.mode = IWI_MODE_11G; 2376 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2377 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2378 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2379 rs.nrates); 2380 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2381 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2382 if (error != 0) 2383 return error; 2384 2385 rs.mode = IWI_MODE_11A; 2386 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2387 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2388 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2389 rs.nrates); 2390 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2391 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2392 if (error != 0) 2393 return error; 2394 2395 /* if we have a desired ESSID, set it now */ 2396 if (ic->ic_des_esslen != 0) { 2397 #ifdef IWI_DEBUG 2398 if (iwi_debug > 0) { 2399 kprintf("Setting desired ESSID to "); 2400 ieee80211_print_essid(ic->ic_des_essid, 2401 ic->ic_des_esslen); 2402 kprintf("\n"); 2403 } 2404 #endif 2405 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2406 ic->ic_des_esslen, 0); 2407 if (error != 0) 2408 return error; 2409 } 2410 2411 data = htole32(karc4random()); 2412 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2413 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2414 if (error != 0) 2415 return error; 2416 2417 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2418 wk = &ic->ic_crypto.cs_nw_keys[i]; 2419 2420 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2421 wepkey.idx = i; 2422 wepkey.len = wk->wk_keylen; 2423 memset(wepkey.key, 0, sizeof wepkey.key); 2424 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2425 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2426 wepkey.len)); 2427 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2428 sizeof wepkey, 0); 2429 if (error != 0) 2430 return error; 2431 } 2432 2433 /* Enable adapter */ 2434 DPRINTF(("Enabling adapter\n")); 2435 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2436 } 2437 2438 static int 2439 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2440 { 2441 struct ieee80211com *ic = &sc->sc_ic; 2442 struct iwi_scan scan; 2443 2444 memset(&scan, 0, sizeof scan); 2445 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2446 scan.passive = htole16(2000); 2447 scan.channels[0] = 1 | 2448 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2449 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2450 2451 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2452 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2453 } 2454 2455 static int 2456 iwi_scan(struct iwi_softc *sc) 2457 { 2458 struct ieee80211com *ic = &sc->sc_ic; 2459 struct iwi_scan scan; 2460 uint8_t *p; 2461 int i, count; 2462 2463 memset(&scan, 0, sizeof scan); 2464 2465 if (ic->ic_des_esslen != 0) { 2466 scan.bdirected = htole16(sc->dwelltime); 2467 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2468 } else { 2469 scan.broadcast = htole16(sc->dwelltime); 2470 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2471 } 2472 2473 p = scan.channels; 2474 count = 0; 2475 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2476 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2477 isset(ic->ic_chan_active, i)) { 2478 *++p = i; 2479 count++; 2480 } 2481 } 2482 *(p - count) = IWI_CHAN_5GHZ | count; 2483 2484 p = (count > 0) ? p + 1 : scan.channels; 2485 count = 0; 2486 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2487 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2488 isset(ic->ic_chan_active, i)) { 2489 *++p = i; 2490 count++; 2491 } 2492 } 2493 *(p - count) = IWI_CHAN_2GHZ | count; 2494 2495 DPRINTF(("Start scanning\n")); 2496 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2497 } 2498 2499 static int 2500 iwi_auth_and_assoc(struct iwi_softc *sc) 2501 { 2502 struct ieee80211com *ic = &sc->sc_ic; 2503 struct ifnet *ifp = ic->ic_ifp; 2504 struct ieee80211_node *ni = ic->ic_bss; 2505 struct ieee80211_wme_info wme; 2506 struct iwi_configuration config; 2507 struct iwi_associate assoc; 2508 struct iwi_rateset rs; 2509 uint16_t capinfo; 2510 uint32_t data; 2511 int error; 2512 2513 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2514 memset(&config, 0, sizeof config); 2515 config.bluetooth_coexistence = sc->bluetooth; 2516 config.antenna = sc->antenna; 2517 config.multicast_enabled = 1; 2518 config.use_protection = 1; 2519 config.answer_pbreq = 2520 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2521 config.disable_unicast_decryption = 1; 2522 config.disable_multicast_decryption = 1; 2523 DPRINTF(("Configuring adapter\n")); 2524 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2525 1); 2526 if (error != 0) 2527 return error; 2528 } 2529 2530 #ifdef IWI_DEBUG 2531 if (iwi_debug > 0) { 2532 kprintf("Setting ESSID to "); 2533 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2534 kprintf("\n"); 2535 } 2536 #endif 2537 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2538 if (error != 0) 2539 return error; 2540 2541 /* the rate set has already been "negotiated" */ 2542 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2543 IWI_MODE_11G; 2544 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2545 rs.nrates = ni->ni_rates.rs_nrates; 2546 KKASSERT(rs.nrates <= IWI_RATESET_MAXSIZE); 2547 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2548 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2549 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2550 if (error != 0) 2551 return error; 2552 2553 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2554 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2555 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2556 wme.wme_oui[0] = 0x00; 2557 wme.wme_oui[1] = 0x50; 2558 wme.wme_oui[2] = 0xf2; 2559 wme.wme_type = WME_OUI_TYPE; 2560 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2561 wme.wme_version = WME_VERSION; 2562 wme.wme_info = 0; 2563 2564 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2565 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2566 if (error != 0) 2567 return error; 2568 } 2569 2570 if (ic->ic_opt_ie != NULL) { 2571 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2572 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2573 ic->ic_opt_ie_len, 1); 2574 if (error != 0) 2575 return error; 2576 } 2577 2578 data = htole32(ni->ni_rssi); 2579 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2580 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2581 if (error != 0) 2582 return error; 2583 2584 memset(&assoc, 0, sizeof assoc); 2585 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2586 IWI_MODE_11G; 2587 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2588 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2589 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2590 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2591 assoc.policy |= htole16(IWI_POLICY_WME); 2592 if (ic->ic_flags & IEEE80211_F_WPA) 2593 assoc.policy |= htole16(IWI_POLICY_WPA); 2594 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2595 2596 if (ic->ic_opmode == IEEE80211_M_IBSS) 2597 capinfo = IEEE80211_CAPINFO_IBSS; 2598 else 2599 capinfo = IEEE80211_CAPINFO_ESS; 2600 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2601 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2602 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2603 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2604 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2605 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2606 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2607 assoc.capinfo = htole16(capinfo); 2608 2609 assoc.lintval = htole16(ic->ic_lintval); 2610 assoc.intval = htole16(ni->ni_intval); 2611 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2612 if (ic->ic_opmode == IEEE80211_M_IBSS) 2613 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2614 else 2615 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2616 2617 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2618 assoc.bssid, ":", assoc.chan, assoc.auth)); 2619 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2620 } 2621 2622 static void 2623 iwi_init(void *priv) 2624 { 2625 struct iwi_softc *sc = priv; 2626 struct ieee80211com *ic = &sc->sc_ic; 2627 struct ifnet *ifp = ic->ic_ifp; 2628 struct iwi_firmware *fw = &sc->fw; 2629 struct iwi_rx_data *data; 2630 int i; 2631 2632 iwi_stop(sc); 2633 2634 if (iwi_reset(sc) != 0) { 2635 device_printf(sc->sc_dev, "could not reset adapter\n"); 2636 goto fail; 2637 } 2638 2639 if (iwi_alloc_firmware(sc, ic->ic_opmode) != 0) { 2640 device_printf(sc->sc_dev, "could not allocate firmware\n"); 2641 goto fail; 2642 } 2643 2644 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2645 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2646 goto fail; 2647 } 2648 2649 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2650 device_printf(sc->sc_dev, "could not load microcode\n"); 2651 goto fail; 2652 } 2653 2654 iwi_stop_master(sc); 2655 2656 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2657 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2658 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2659 2660 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2661 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2662 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2663 2664 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2665 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2666 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2667 2668 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2669 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2670 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2671 2672 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2673 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2674 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2675 2676 for (i = 0; i < sc->rxq.count; i++) { 2677 data = &sc->rxq.data[i]; 2678 CSR_WRITE_4(sc, data->reg, data->physaddr); 2679 } 2680 2681 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2682 2683 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2684 device_printf(sc->sc_dev, "could not load main firmware\n"); 2685 goto fail; 2686 } 2687 2688 sc->flags |= IWI_FLAG_FW_INITED; 2689 2690 if (iwi_config(sc) != 0) { 2691 device_printf(sc->sc_dev, "device configuration failed\n"); 2692 goto fail; 2693 } 2694 2695 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2696 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2697 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2698 } else 2699 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2700 2701 ifp->if_flags &= ~IFF_OACTIVE; 2702 ifp->if_flags |= IFF_RUNNING; 2703 2704 return; 2705 2706 fail: ifp->if_flags &= ~IFF_UP; 2707 iwi_stop(sc); 2708 } 2709 2710 static void 2711 iwi_stop(void *priv) 2712 { 2713 struct iwi_softc *sc = priv; 2714 struct ieee80211com *ic = &sc->sc_ic; 2715 struct ifnet *ifp = ic->ic_ifp; 2716 2717 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2718 2719 iwi_stop_master(sc); 2720 2721 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2722 2723 /* reset rings */ 2724 iwi_reset_cmd_ring(sc, &sc->cmdq); 2725 iwi_reset_tx_ring(sc, &sc->txq[0]); 2726 iwi_reset_tx_ring(sc, &sc->txq[1]); 2727 iwi_reset_tx_ring(sc, &sc->txq[2]); 2728 iwi_reset_tx_ring(sc, &sc->txq[3]); 2729 iwi_reset_rx_ring(sc, &sc->rxq); 2730 2731 sc->sc_tx_timer = 0; 2732 ifp->if_timer = 0; 2733 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2734 } 2735 2736 static int 2737 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2738 { 2739 struct iwi_softc *sc = arg1; 2740 struct ifnet *ifp = &sc->sc_ic.ic_if; 2741 uint32_t size, buf[128]; 2742 2743 lwkt_serialize_enter(ifp->if_serializer); 2744 2745 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2746 memset(buf, 0, sizeof buf); 2747 goto back; 2748 } 2749 2750 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2751 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2752 back: 2753 lwkt_serialize_exit(ifp->if_serializer); 2754 return SYSCTL_OUT(req, buf, sizeof buf); 2755 } 2756 2757 static int 2758 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2759 { 2760 struct iwi_softc *sc = arg1; 2761 struct ifnet *ifp = &sc->sc_ic.ic_if; 2762 int val; 2763 2764 lwkt_serialize_enter(ifp->if_serializer); 2765 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2766 lwkt_serialize_exit(ifp->if_serializer); 2767 2768 return SYSCTL_OUT(req, &val, sizeof val); 2769 } 2770 2771 static const int8_t iwi_bitmap[256] = { 2772 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2773 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2774 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2775 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2776 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2777 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2778 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2779 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2780 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2781 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2782 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2783 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2784 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2785 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2786 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2787 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2788 }; 2789 2790 static int 2791 iwi_alloc_ibss_node(struct iwi_softc *sc) 2792 { 2793 int i; 2794 2795 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2796 2797 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2798 int ret; 2799 2800 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2801 if (ret != -1) { 2802 sc->sc_ibss_node[i] |= (1 << ret); 2803 ret += (i * NBBY); 2804 return ret; 2805 } 2806 } 2807 return -1; 2808 } 2809 2810 static void 2811 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2812 { 2813 int i, b; 2814 2815 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2816 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2817 2818 i = ibss_node / NBBY; 2819 b = ibss_node % NBBY; 2820 2821 sc->sc_ibss_node[i] &= ~(1 << b); 2822 } 2823